lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 23 Aug 2020 20:27:03 -0600
From:   David Ahern <dsahern@...il.com>
To:     guodeqing <geffrey.guo@...wei.com>, davem@...emloft.net
Cc:     kuba@...nel.org, dsahern@...il.com, netdev@...r.kernel.org
Subject: Re: [PATCH] ipv4: fix the problem of ping failure in some cases

On 8/22/20 1:46 AM, guodeqing wrote:
> ie.,
> $ ifconfig eth0 9.9.9.9 netmask 255.255.255.0
> 
> $ ping -I lo 9.9.9.9
> ping: Warning: source address might be selected on device other than lo.
> PING 9.9.9.9 (9.9.9.9) from 9.9.9.9 lo: 56(84) bytes of data.
> 
> 4 packets transmitted, 0 received, 100% packet loss, time 3068ms
> 
> This is because the return value of __raw_v4_lookup in raw_v4_input
> is null, the packets cannot be sent to the ping application.
> The reason of the __raw_v4_lookup failure is that sk_bound_dev_if and
> dif/sdif are not equal in raw_sk_bound_dev_eq.
> 
> Here I add a check of whether the sk_bound_dev_if is LOOPBACK_IFINDEX
> to solve this problem.
> 
> Fixes: 19e4e768064a8 ("ipv4: Fix raw socket lookup for local traffic")
> Signed-off-by: guodeqing <geffrey.guo@...wei.com>
> ---
>  include/net/inet_sock.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/include/net/inet_sock.h b/include/net/inet_sock.h
> index a3702d1..7707b1d 100644
> --- a/include/net/inet_sock.h
> +++ b/include/net/inet_sock.h
> @@ -144,7 +144,7 @@ static inline bool inet_bound_dev_eq(bool l3mdev_accept, int bound_dev_if,
>  {
>  	if (!bound_dev_if)
>  		return !sdif || l3mdev_accept;
> -	return bound_dev_if == dif || bound_dev_if == sdif;
> +	return bound_dev_if == dif || bound_dev_if == sdif || bound_dev_if == LOOPBACK_IFINDEX;
>  }
>  
>  struct inet_cork {
> 

this is used by more than just raw socket lookups.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ